Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-12-SP1:GA
patchinfo.441
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.441
<patchinfo incident="441"> <issue id="917597" tracker="bnc">VUL-0: MozillaFirefox 36 security release</issue> <issue id="CVE-2015-0836" tracker="cve" /> <issue id="CVE-2015-0827" tracker="cve" /> <issue id="CVE-2015-0835" tracker="cve" /> <issue id="CVE-2015-0831" tracker="cve" /> <issue id="CVE-2015-0822" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pcerny</packager> <description>MozillaFirefox was updated to version 31.5.0 ESR to fix five security issues. These security issues were fixed: - CVE-2015-0836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.5 allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (bnc#917597). - CVE-2015-0827: Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 31.5 allowed remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic (bnc#917597). - CVE-2015-0835: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (bnc#917597). - CVE-2015-0831: Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 31.5 allowed remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation (bnc#917597). - CVE-2015-0822: The Form Autocompletion feature in Mozilla Firefox before 31.5 allowed remote attackers to read arbitrary files via crafted JavaScript code (bnc#917597). </description> <summary>Security update for MozillaFirefox</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor